Number of Openings: 1
Worker Type: Permanent
Position Overview: With a reporting line to the Security Operations Manager, the Intermediate Security Operations Analyst will be globally responsible for improving the security posture of all Finning regions regarding governance policy compliance, firewall policy management, vulnerability management, SIEM alert management, email hygiene, anti-virus management, and incident response.
Job Description:
Major Job Functions:
Governance policy compliance, including validating policy compliance, contributing towards team budget development and management, security awareness training
Firewall policy management, including annual policy review, reviewing and approving planned and ad-hoc policy rules changes, reviewing and approving IPS policy rules and onboarding new firewalls
Vulnerability management, including asset scans and mapping
SIEM alert management, including identifying log parsing errors, advising on remediation activities, reviewing/action of alerts and collaborating on alert optimization-
Email hygiene and anti-virus management, including investigating/responding to alerts, system monitoring and contributing towards continuous improvements and upgrades
Incident response, including reviewing logs and collaborating to prevent/isolate traffic, solution development and threat analysis
Providing insight into incident management, continuous improvement to procedures and policies
Benefits:
In addition to 25 days holiday, an annual bonus, a competitive salary, life insurance, and up to 7% pension, you will benefit from:
Private medical insurance
Enhanced maternity and paternity packages
Family-friendly policies to support working parents
Enhanced flexible working options
Support from a team of 40+ Mental Health first-aiders
Employee wellbeing solutions
Electric car scheme (UK)
The opportunity to work with your charity of choice
Length of service or recognition awards.
Specific Skills:
Awareness of Identity and access management (IAM) solutions
P articipation in the configuration of endpoint protection technologies and techniques, Web application firewalls and intrusion prevention, and encryption methodologies
K nowledge of access control methodologies (MAC, DAC, RBAC)
Working experience with firewall monitoring, content filtering, IDS/IPS systems, SIEM tools and network scanners, and cyber security techniques
E xperience working with a variety of firewalls, including trouble-shooting, log review and configuration
E xperience with onboarding security requirements for new Projects
Knowledge:
Basic knowledge of a broad range of standards and frameworks - for example, International Standards Organization (ISO) 27001, IT Infrastructure Library (ITIL), Payment Card Industry - Data Security Standard (PCI DSS), Bill-198, Personal Information Protection and Electronics Documents Act (PIPEDA)
Knowledge of common risk management methodologies - for example, Control Objectives for Information and Related Technology (COBIT5)
Understanding of strategic business risks
Ability to develop a comprehensive understanding of Finning's business, market and industry and relate that knowledge to identified operations- and IT-related risks
Knowledge necessary to propose relevant IT responses to changing business risks and regulatory changes
Knowledge and use of User and entity behaviour analytics (UEBA)
Experience with social engineering, penetration testing, vulnerability risk assessments, cloud computing
Education & Experience:
Bachelor's degree in Computer Science or equivalent experience
Obtained or working towards one of the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control, Certified Ethical Hacker, Global Information Assurance Certification (GIAC)
Three to six years of experience in IT security management or a related discipline (for example, risk, privacy, business continuity management or compliance).
At Finning, we prioritize creating a diverse and inclusive environment. We are proud to be an equal opportunity employer, and we actively encourage all individuals to express themselves and achieve their full potential. As a company, we continuously strive to enhance our outreach to individuals of all backgrounds and identities. We do not discriminate against applicants based on gender identity, race, national and ethnic origin, religion, age, sexual orientation, marital and family status, and/or mental or physical disabilities. Furthermore, Finning is committed to collaborating with and providing reasonable accommodations /adjustments to individuals with disabilities. If you require an adjustment/accommodation at any point during the recruitment process, please inform your recruiter.